[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug#43851] [PATCH] gnu: sudo: Depend on python-minimal instead of pytho
|
From: |
Danny Milosavljevic |
|
Subject: |
[bug#43851] [PATCH] gnu: sudo: Depend on python-minimal instead of python. |
|
Date: |
Thu, 8 Oct 2020 09:03:07 +0200 |
Hi Janneke,
On Wed, 07 Oct 2020 19:04:27 +0200
Jan Nieuwenhuizen <janneke@gnu.org> wrote:
> Depending on python pulls in X11:
>
> --8<---------------cut here---------------start------------->8---
> $ guix graph --path sudo libx11
> sudo@1.9.3p1
> python@3.8.2
> tk@8.6.10
> libx11@1.6.9
> --8<---------------cut here---------------end--------------->8---
>
> which is unfortunate, especially for the Hurd.
>
> However...do we really want to extend sudo with eh, a large programming
> language that has a more impressive CVE list than a lovely tiny language
> such as, say Guile? ;)
I am very much in favor of not having unnecessary dependencies in things
which are suid root. Also, there already IS PAM support in sudo, and
PAM has modules--so why have yet another weird new mechanism? For auditing,
there is auditd (even in Guix already).
Furthermore, it makes updating sudo more brittle.
Also, we removed when cross-compiling already, pointing to other problems.
Please remove the python dependency entirely.
pgpwc85b8FlpG.pgp
Description: OpenPGP digital signature
[bug#43851] [PATCH] gnu: sudo: Depend on python-minimal instead of python.,
Danny Milosavljevic <=